Project Proposal: Security Threats for Wireless Devices

1
Project Proposal: Security Threats for Wireless
Devices
  • Matt Fratkin
  • April 11th, 2005
  • E6886

2
Project Overview
  • To investigate the current security threats among
    Wireless LANs, Wireless Personal Area Networks
    (Bluetooth), and Wireless Handheld devices
  • To describe the various problems associated with
    the built-in security features for each of these
    devices

3
Wireless Technology Overview
  • Wireless technology can be defined as the ability
    for more than one device to communicate with each
    other without having any sort of physical
    connection

4
Wireless Technology Threats Overview
  • Since wireless technology does not use cables for
    transmission, it relies on radio frequencies to
    transmit the data
  • This makes it possible for intruders to
    intercept the signal and interfere with it
    however they want, whether by eavesdropping,
    stealing information, or causing damage to the
    network

5
Wireless LANs Overview
  • Connects users' computers to the network using an
    access point device
  • The access point communicates with devices equipped
    with wireless network adapters and connects to the
    wired Ethernet LAN via an RJ-45 port
  • These access points usually have coverage areas
    of up to 300 feet
  • Some of these access points can be linked
    together so users can remain linked through
    multiple access points

6
Wireless Personal Area Networks Overview
(Bluetooth)
  • These are networks that are supposed to
    dynamically connect devices such as cell phones,
    laptops, PDAs
  • These ad-hoc networks have random network
    configurations and rely on a master-slave system
    connected by wireless links to allow devices to
    communicate with one another
  • Since the devices move in an unpredictable way
    the networks need to be reconfigured on the go in
    order to handle the change
  • The routing that the Bluetooth uses allows the
    master to establish and maintain these ever
    shifting networks

7
Bluetooth Network Example
  • Bluetooth enabled mobile phone connecting to
    mobile phone network, synching with a PDA address
    book, and downloading email

8
Wireless Handheld Devices
  • These devices can be broken down into two
    categories: PDAs and Smart Phones
  • PDAs operate on a proprietary networking standard
    that sends email to remote servers by accessing
    the corporate network
  • Smart Phones are mobile phones that contain
    information processing and data networking
    capabilities

9
Wireless LAN Security Features
  • There are three different types of security
    features for Wireless LANs
  • Authentication
  • Confidentiality
  • Integrity

10
Wireless LAN Security Features - Authentication
  • Provides a service that verifies the identity of
    the users of each communicating station
  • Denies access to those who cannot properly
    authenticate themselves
  • Therefore only authorized personnel are allowed to
    use the communicating client stations

11
Wireless LAN Security Features - Confidentiality
  • This feature provides privacy to any user on the
    network
  • Supposed to prevent eavesdropping by outsiders
  • Therefore only authorized people are allowed to
    view the data on the network

12
Wireless LAN Security Features - Integrity
  • This feature is used to ensure that the data
    coming in is the data that was transmitted
  • Makes sure that no alteration of the data has
    been made while it is in transit
  • Therefore users should feel confident that they
    are viewing the data that was meant for them to
    see, not some altered version

13
Wireless LAN Security Diagram

14
Problems with the Wireless LAN Security Features
  • The standard for Wireless LAN security is the
    IEEE 802.11 standard security
  • This provides for 40-bit cryptographic keys
  • However, some vendors have implemented products
    with keys of up to 104 and 128 bits
  • Many users in a network often share these
    cryptographic keys, so if one becomes lost or
    stolen then the whole network can be at risk
  • Also, the eavesdropper usually knows 24 bits of
    every packet key, so this combined with the
    weakness in the key schedule allows for an
    analytical attack

15
Problems with the Wireless LAN Security Features -
cont.
  • The analytical attack recovers the key after
    analyzing only a small amount of traffic in the
    key schedule (RC4)
  • This attack is a very public attack similar to an
    attack script and open source code
  • Since the integrity is checked by a Cyclic
    Redundancy Check (CRC) along with checksums, the
    integrity can be challenged because the
    checksums are noncryptographic
  • This leads to vulnerabilities in the system,
    allowing the attacker to systematically decrypt
    the incoming packets and then change the
    information
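
Added example (not part of the original slides): a toy WEP-style frame in Python showing why the noncryptographic CRC described above fails as an integrity check, next to the same frame protected by a keyed HMAC. The function names, IV, keys and payloads are constructed for illustration, and the HMAC variant is a contrast chosen here, not something the slides propose.

```python
import hashlib, hmac, zlib

def rc4(key: bytes, n: int) -> bytes:  # key schedule, then n keystream bytes
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))
def crc(data: bytes) -> bytes:
    return zlib.crc32(data).to_bytes(4, "little")

def seal_crc(iv, key, msg):  # WEP-style frame: RC4(iv || key) over msg || CRC-32
    body = msg + crc(msg)
    return xor(body, rc4(iv + key, len(body)))
def open_crc(iv, key, frame):
    body = xor(frame, rc4(iv + key, len(frame)))
    return body[:-4] if crc(body[:-4]) == body[-4:] else None

def alter_in_transit(frame, delta):
    # CRC-32 is affine: crc(m ^ d) == crc(m) ^ crc(d) ^ crc(zeros), so the
    # encrypted checksum can be corrected without knowing the key.
    return xor(frame, delta + xor(crc(delta), crc(bytes(len(delta)))))

def seal_mac(iv, key, mac_key, msg):  # same cipher, keyed HMAC replaces the CRC
    ct = xor(msg, rc4(iv + key, len(msg)))
    return ct + hmac.new(mac_key, iv + ct, hashlib.sha256).digest()

def open_mac(iv, key, mac_key, frame):
    ct, tag = frame[:-32], frame[-32:]
    good = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    return xor(ct, rc4(iv + key, len(ct))) if hmac.compare_digest(tag, good) else None

def demo():
    iv, key, mac_key = b"\x01\x02\x03", b"\x0b" * 5, b"constructed-mac-key"  # constructed
    msg, changed = b"PAY 0100 TO BOB", b"PAY 9100 TO BOB"  # constructed payloads
    delta = xor(msg, changed)  # bit flips applied to the payload in transit
    via_crc = open_crc(iv, key, alter_in_transit(seal_crc(iv, key, msg), delta))
    via_mac = open_mac(iv, key, mac_key, xor(seal_mac(iv, key, mac_key, msg), delta + bytes(32)))
    return via_crc, via_mac

print(demo())
```

The CRC frame accepts the altered payload as valid, while the HMAC frame rejects the same bit flips because the tag cannot be recomputed without the MAC key.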

16
RC4 Algorithm used for privacy protection

17
Diagram of Possible Wireless LAN attacks

18
Bluetooth Security Features
  • There are some built-in security features for
    Bluetooth technology that address the following
    topics
  • Authentication
  • Confidentiality
  • Authorization

19
Bluetooth Security Features - Authentication
  • The purpose of this feature is to be able to
    verify the identity of who the device is
    communicating with
  • There is also an abort feature in case the device
    does not authenticate properly

20
Bluetooth Security Features - Confidentiality
  • This feature once again protects the privacy of
    the user
  • It is intended to prevent others from
    viewing/eavesdropping on the information being
    sent to and from the user
  • Therefore the user can feel safe that only
    authorized users are seeing the data

21
Bluetooth Security Features - Authorization
  • This feature addresses the question as to whether
    or not the device is authorized to use the
    service
  • This prevents non-authorized users from stealing
    resources intended for authorized users

22
Bluetooth Security Modes
  • On top of the built-in security features,
    Bluetooth can operate in the following three
    security modes
  • Security Mode 1: Nonsecure mode
  • Security Mode 2: Service-level enforced security
    mode
  • Security Mode 3: Link-level enforced security mode

23
Bluetooth Security Modes

24
Bluetooth Security Diagram

25
Problems with Bluetooth Security Features
  • Based on a table generated by the National
    Institute of Standards and Technology (NIST),
    some of the problems/vulnerabilities with the
    Bluetooth Technology are
  • The random number generator may produce static or
    periodic numbers that reduce the effectiveness of
    the authentication scheme
  • Short PINs are allowed for generating link and
    encryption keys. These short PINs can be guessed
    and therefore decrease the security
  • There is no clear way to generate and
    distribute PINs, therefore in networks with many
    users it is difficult to keep secure PINs from
    being guessed

26
Problems with Bluetooth Security Features - cont
  • Authentication can be repeated: there is no limit
    set for the number of times a user can attempt to
    become authenticated
  • The key length used for encryption doesn't have a
    set minimum length, causing some to have
    short/weak keys
  • Security is not maintained all the way through
    the system: individual links are encrypted and
    authenticated and data is decrypted at
    intermediate points. There is no encryption and
    decryption maintained all the way through the
    system

27
Wireless Handheld Device Security Features
  • There are not a lot of built-in security features
    in wireless handheld devices, but their security
    can be threatened as well in the following areas
  • Confidentiality
  • Integrity
  • Availability

28
Wireless Handheld Devices Security Threats -
Confidentiality
  • The information contained on the wireless devices
    can be compromised at a variety of different
    levels whether it be on the handheld device
    itself, the storage module, the PC, or while
    being sent over Bluetooth, USB, or serial
    communication ports
  • PDAs are susceptible during the period when data
    is being transmitted as the data being sent is
    unencrypted so anyone in close proximity can
    retrieve that information
  • Likewise, a Bluetooth device that is not properly
    configured is liable to have the data stolen by
    someone who has a Bluetooth-enabled device

29
Wireless Handheld Devices Security Threats -
Integrity
  • Handheld devices face the same problems as
    Wireless LANs as the transmitted data can be
    altered before it reaches the user or device thus
    interfering with the integrity of the transmitted
    data
  • The handheld hardware must be protected from the
    insertion or replacement of the read-only-memory
    (ROM) by outside parties
  • Handheld applications must be protected from the
    installation of software from unauthorized
    sources that may contain malicious software
    (malware)

30
Wireless Handheld Devices Security Threats -
Availability
  • The wireless handheld devices need to also be
    protected from attacks that limit their
    computational or network resources thus making
    these devices unusable for certain periods of
    time
  • These attacks can be in the form of Trojan
    horses, worms, viruses and other malware that
    affect the networks
  • All types of wireless handheld devices are
    targets for these types of attacks

31
Conclusion
  • As is evident from the previous slides,
    wireless technology is a wonderful feature for
    many of today's most common devices
  • However, since information is being transmitted
    through radio frequencies it is open to
    interception and tampering from outside parties
  • Although many of these devices are built with
    security features it seems like many of these
    features are not good enough to protect the
    transmitted data

32
Conclusion - cont
  • Encryption keys for the networks seem to be built
    using a very small number of bits, even though the
    vendors are building the devices with large
    numbers of bits
  • PINs over large networks with many users are no
    good, as short PINs are used which can easily be
    guessed
  • With the ever changing technology the wireless
    technology needs to make security a huge priority
    to protect the customers

33
Questions/Comments
  • I can be contacted at mbf2106_at_columbia.edu if you
    have any questions or comments

34
References
  • Karygiannis, Tom and Owens, Les, Wireless
    Network Security: 802.11, Bluetooth and Handheld
    Devices,
    http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf,
    2002.
  • Uskela, Sami, Security in Wireless Local Area
    Networks,
    http://www.tml.hut.fi/Opinnot/Tik-110.501/1997/wireless_lan.html,
    1997.
  • V-One Corporation, Smart Security for Wireless
    Communications,
    http://www.v-one.com/docs/whitepaper_wireless.pdf,
    2003.

35
References -Diagrams
  • All diagrams were taken from the Wireless
    Network Security Publication by Tom Karygiannis
    and Les Owens